Author Archives: admin


Cryptocurrency Verge Network Falls Victim to Same Attack Even After Hard-Fork


Cryptocurrency is a digital or virtual currency that uses cryptography for security. It is difficult to counterfeit because of this security feature. A defining feature of it, and arguably its most endearing allure, is its organic nature; it is not issued by any central authority, rendering it theoretically immune to government interference or manipulation.

Cryptocurrency Verge has suffered what executives are claiming is a DDoS attack. The platform is experiencing a serious delay in its blockchain, which has led to security concerns amongst users and worries about the currency’s stability.

The attack took place on Tuesday, May 22, and lasted only for a few hours. During this interval, the hacker used an exploit to alter normal timestamps of mining operations and allow himself to mine XVG coins to the detriment of other users who had their legitimate mining operations delayed or wasted.

 


Hacker bypassed previous patches

Following the April attack, the Verge development team hard-forked the entire cryptocurrency’s source code to patch the flaw exploited by the attacker and reverse his gains.

But according to several users knowledgeable of the Verge source code, the attacker found a way around the hard-fork’s patch and launched a similar attack.

“Since nothing really was done about the previous attacks (only a band-aid), the attackers now simply use two algos to fork the chain for their own use and are gaining millions,” said a user on the BitcoinTalk forums, the same one who analyzed the April attack.

The Verge dev team didn’t appear to recognize the attack at first, calling it a DDoS on mining pools.

Nonetheless, once it became clear what was going on, developers started working on a patch once more. It is unclear if the Verge team plans to hard-fork the cryptocurrency’s source code to reverse the effects of the illegal mining like it did in April.

 


Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Advance Python Training in Hyderabad

Advance Python Training in Bangalore

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacker Certification – C | EH v10

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Python Programming training

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 

Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Network Penetration Testing – NPT

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery

 

Other Location for Online Courses:

Bhubaneswar

Bangalore

Hyderabad



Spam Botnet Tracked Down to Malicious PHP Script Found on 5,000 Hacked Sites


PHP scripts can be created using any basic text editor or HTML editing software tool. Each PHP file must be saved with a .php file extension in order to be recognized as a functioning PHP script. When the Apache server has the appropriate settings, PHP code can also be recognized in .html files. This can also be achieved by adding an additional handler in the .htaccess file of a Linux-based web server.

A malicious PHP script found on over 5,000 compromised websites has been fingered as the source of a large-scale spam campaign that has been silently redirecting users to web pages hosting diet and intelligence boosting pills.

The purpose of this script is to keep hacked sites under the control of a group of cyber-criminals, and manage dynamic redirections to various spam campaigns.

 


Script is part of “Brain Food” botnet

The script is part of the infrastructure of a voracious spam botnet named “Brain Food.” The spam campaigns pushed by this botnet have been spotted as far back as March 2017, but its operations were dissected last week by Proofpoint researcher Andrew Conway.

Brain Food is a PHP script that we have found on over 5,000 compromised websites over the past four months. Over 2,400 of those have shown activity in the past 7 days. Nearly 40% of the compromised sites are hosted on five platforms.

Brain Food botnet admins operate by sending email spam to victims containing short links to these PHP scripts on various hacked sites.

If a user clicks on the short links, they arrive on the PHP script, which redirects the user to another hacked site hosting web pages for diet and intelligence-boosting pills, usually containing fake branding.

The PHP scripts are capable of receiving new “redirection targets” from the Brain Food operators based on the most recent spam campaign they are pushing. The scripts also collect click-through statistics for each campaign.

 


Over 2,400 sites active in the past seven days alone

Conway says he’s been tracking over 5,000 sites containing copies of these PHP scripts, with the vast majority found on GoDaddy’s network. Over 2,400 were active last week, according to Conway.

The botnet doesn’t seem to be living off specific vulnerabilities on certain CMS platforms. Conway says Brain Food is comprised of hacked sites running on a multitude of platforms, such as WordPress, Joomla, and others.

The script’s code is also polymorphic and obfuscated with multiple layers of base64 encoding. Furthermore, it also includes protection against automatic Google indexing, responding to Google’s search crawler with a 404 code “page not found” error.

While the botnet is harmless for end users, pushing only spammy content, it is dangerous for infected sites, mainly because of its backdoor-like capabilities that allow the botnet operators to execute any code they want at any time.
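For site owners, the traits described above (nested base64 layers, code execution on the decoded string, a 404 served only to Google’s crawler) can be checked for statically. The following is an added example, not code from Proofpoint or from the botnet; the function names, the 24-character literal threshold, the readability ratio and the sample files are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# A quoted PHP string literal made up only of base64 characters (24+ long).
B64_LITERAL = re.compile(r"""["']([A-Za-z0-9+/]{24,}={0,2})["']""")
# PHP constructs that turn a decoded string into running code.
EXEC_CALL = re.compile(r"\b(eval|assert|create_function)\s*\(", re.I)
# Heuristic (an assumption of this example) for the crawler cloaking described
# above: a Googlebot check followed closely by a 404 response.
CRAWLER_404 = re.compile(r"googlebot.{0,200}?404", re.I | re.S)
MAX_LAYERS = 10  # stop peeling after this many nested layers


def _decode_text(blob):
    """Return blob decoded as readable text, or None if it is not base64 text."""
    if len(blob) % 4:
        return None
    try:
        text = base64.b64decode(blob, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    if not text:
        return None
    readable = sum(ch.isprintable() or ch.isspace() for ch in text)
    return text if readable / len(text) >= 0.9 else None


def peel_layers(source):
    """Decode nested base64 literals; return the decoded layers, outermost first."""
    layers = []
    current = source
    for _ in range(MAX_LAYERS):
        decoded = [_decode_text(m.group(1)) for m in B64_LITERAL.finditer(current)]
        decoded = [text for text in decoded if text]
        if not decoded:
            break
        current = max(decoded, key=len)  # follow the largest embedded payload
        layers.append(current)
    return layers


def scan_php(source):
    """Summarise obfuscation indicators for one PHP source string."""
    layers = peel_layers(source)
    texts = [source] + layers
    exec_calls = sorted(
        {m.group(1).lower() for text in texts for m in EXEC_CALL.finditer(text)}
    )
    return {
        "depth": len(layers),
        "exec_calls": exec_calls,
        # Only hidden layers count: cloaking logic buried under encoding.
        "crawler_404": any(CRAWLER_404.search(text) for text in layers),
        # One layer of base64 is common in legitimate code (mail bodies,
        # images); two or more combined with code execution is not.
        "suspicious": len(layers) >= 2 and bool(exec_calls),
    }


def _b64(text):
    return base64.b64encode(text.encode()).decode()


# --- Constructed samples (not taken from any real infection) ---------------
_INNER = (
    "if (stripos($_SERVER['HTTP_USER_AGENT'], 'Googlebot') !== false) "
    "{ http_response_code(404); exit; } echo 'constructed sample';"
)
_MIDDLE = "eval(base64_decode('" + _b64(_INNER) + "'));"
LAYERED_SAMPLE = "<?php eval(base64_decode('" + _b64(_MIDDLE) + "')); ?>"

PLAIN_SAMPLE = (
    "<?php $body = base64_decode('"
    + _b64("Your order has shipped. Thank you for shopping with us.")
    + "'); mail($to, $subject, $body); ?>"
)

# A random-looking key is valid base64 but does not decode to readable text.
KEY_SAMPLE = "<?php $key = 'abcdefghijklmnopqrstuvwxyz012345'; ?>"

if __name__ == "__main__":
    for name, src in [("layered", LAYERED_SAMPLE), ("plain", PLAIN_SAMPLE),
                      ("key", KEY_SAMPLE)]:
        print(name, scan_php(src))
```

Because the script is polymorphic, a literal-matching scan like this will miss variants that split or transform the encoded string; treat a hit as a reason to inspect the file, and a miss as inconclusive.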

 




Microsoft Releases KB4103714 Cumulative Update for Windows 10 Fall Creators Update


Windows 10 is a personal computer operating system developed and released by Microsoft, as part of the Windows NT family of operating systems. It was released on July 29, 2015. It is the first version of Windows that receives ongoing feature updates. Devices in enterprise environments can receive these updates at a slower pace, or use long-term support milestones that only receive critical updates, such as security patches, over their ten-year lifespan of extended support.

Windows 10 is a service, which means it gets better through periodic software updates.

Microsoft has released a new cumulative update, KB4103714, for the Windows 10 Fall Creators Update to address a number of known issues in the system.

If you are still on the Windows 10 Fall Creators Update (1709), Microsoft is pushing out a new cumulative update to you with a number of improvements.

 


IMPROVEMENTS AND FIXES

  • Addresses additional issues with updated time zone information.
  • Addresses an issue that causes Internet Explorer dialogs on a second monitor to also appear on the primary monitor when using extended display.
  • Addresses an issue with Microsoft Edge browser windows in remote sessions.
  • Addresses a reliability issue in .NET applications when using a Japanese IME in a textbox.
  • Addresses a reliability issue that may cause Microsoft Edge or other applications to stop responding when you create a new audio endpoint while audio or video playback is starting.
  • Addresses an issue with Bluetooth devices failing to receive data after a restart.
  • Addresses an issue that can prevent the touch keyboard from showing up reliably in some instances.
  • Addresses an issue where UWP apps that store local crash dumps in their local app data folders can’t be cleared using Disk Cleanup or StorageSense. In these cases, LocalDumps isn’t enabled.
  • Addresses an issue that prevents adding performance counters to the Performance Monitor on systems with many processors.
  • Addresses an issue that causes BitLocker to go into recovery mode when updates are applied.
  • Addresses an issue where expired VPN certificates aren’t deleted, slowing application performance.
  • Addresses an issue that causes sporadic authentication issues when using Windows Authentication Manager.
  • Addresses an issue that causes client applications that use Windows Authentication Manager to stop working when making a request to the server.
  • Addresses an issue with the invalidation of the Windows Authentication Manager token cache.
  • Addresses an issue that causes a timeout error when a VPN tries to disconnect from a device that is in the Connected Standby state.
  • Provides an explicit error when plugins fail to connect to prevent timeouts.
  • Addresses an issue where running the DiskShadow utility after adding a persistent memory controller causes RetrieveAllVirtualMachinesComponentsMetadata() to stop responding.
  • Addresses an issue that causes a VM to throw an error after creating the VM with static memory. This occurs when you enable HYPER-V and disable NUMA in the BIOS on a physical machine that has more than 64 logical processors. The error is “The data is invalid. (0x8007000D)”, and the VM fails to start.
  • Addresses an issue that occurs when multiple processes are limited by rate, using job objects. This can cause various symptoms including, but not limited to, system-process CPU spikes, interrupt-time CPU spikes, high privileged time on some CPUs, and increased system or processor queue lengths.
  • Addresses an issue that causes docker builds to fail with the error message “hcsshim::ImportLayer failed in Win32: The system cannot find the path specified.”
  • Addresses an issue in which Windows 10 clients that authenticate to 802.1x WLAN access points fail to apply Group Policy permissions, run scripts, or retrieve roaming profiles at user logon. This occurs because Kerberos authentication fails for \\domain\sysvol, \\domain\netlogon, and other DFS paths.
  • Addresses an issue in a RemoteApp session that causes clicking in the foreground window to become unresponsive when using grouped windows.
  • Addresses an issue in a RemoteApp session that may result in a black screen when maximizing an application on a secondary monitor.
  • Addresses an issue with application association in the DISM tool.
  • Adds support to Microsoft Edge and Internet Explorer 11 for the SameSite cookie web standard. For more details about SameSite cookies, see our recently published blog post.

 


No known issues

There are no known issues in Windows 10 cumulative update KB4103714, though as we learned the hard way, it remains to be seen if performance is indeed flawless or not. Cumulative updates have previously caused quite a lot of struggles on Windows 10 devices, and we shall see if this is the case with KB4103714 or not.

The update is available via Windows Update on systems running Windows 10 Fall Creators Update, or it can be downloaded from Microsoft’s Update Catalog using this link. The next round of cumulative updates for Windows 10 is due to land on June 12 when the company begins the Patch Tuesday rollout.

 




System Management Mode Speculative Execution Attacks


System Management Mode (SMM, sometimes called ring -2) is an operating mode of x86 central processor units (CPUs) in which all normal execution, including the operating system, is suspended. An alternate software system which usually resides in the computer’s firmware, or a hardware-assisted debugger, is then executed with high privileges.

We discovered a new application of speculative execution attacks that bypasses hardware-based memory protections. Vulnerabilities affecting speculative execution of modern processor architectures were first discovered in 2017 by Jann Horn of Google Project Zero and other security researchers. This class of vulnerabilities allows local unprivileged attackers to expose the contents of protected memory by exploiting the microarchitectural capabilities of modern out-of-order CPUs such as caching, instruction pipeline or speculative execution. We expanded on this method to gain access to the highly privileged System Management Mode (SMM) memory.

 


Impact

Because System Management Mode generally has privileged access to physical memory, including memory isolated from operating systems, our research demonstrates that Spectre-based attacks can reveal other secrets in memory (e.g., hypervisor, operating system, or application). Thus far, the Spectre and Meltdown vulnerabilities were demonstrated to affect software, such as operating systems, hypervisors or even applications within protected SGX enclaves. However, the effect on firmware has not previously been shown. While there are many different kinds of firmware present in every system, we wanted to investigate host processor firmware first.

 


The processor executes the main system firmware, often referred to as BIOS or UEFI, when the system boots. Much of this firmware only runs at boot time; however, there is also a portion that runs in parallel with the OS in a special x86 mode known as System Management Mode (SMM). This runtime part of firmware (often referred to as SMI Handler) has long been of interest to security researchers and a target for advanced attackers, since this code has high privileges and operates outside the view of other software including the OS and any security applications.

 


These enhanced Spectre attacks allow an unprivileged attacker to read the contents of memory, including memory that should be protected by the range registers, such as System Management Mode memory. This can expose System Management Mode code and data that was intended to be confidential, revealing other System Management Mode vulnerabilities as well as secrets stored in SMM. Additionally, since we demonstrate that the speculative memory access occurs from the context of System Management Mode, this could be used to reveal other secrets in memory as well.

 


Bypassing System Management Mode Range Registers

Based on the attack scenario above, we ran the following experiment:

  1. We found a conditional branch validating the index into an array in one of the SMI handlers. This index should be the one controlled by the OS-level attacker.
  2. For the sake of a proof-of-concept, it is possible to inject the “vulnerable” function, as in the following example victim_function. The goal of this experiment was to demonstrate the impact of original Spectre attacks on memory protections like range registers.
  3. We triggered the vulnerable code in the SMI handler (by calling SW SMI or other SMM interfaces) with out-of-bounds array access, which caused speculative execution and the loading of data from an arbitrary SMRAM location to the data cache.
  4. We recovered the SMRAM data by measuring access time to different non-SMRAM locations in the data cache using one of the cache timing side-channel techniques.

As a result of running the above experiment, we’ve successfully recovered data that was stored in SMRAM and protected by SMRR. This proof-of-concept exploit is a modified Spectre variant 1 PoC exploit running with kernel-mode privileges.

 




How To Become White Hat Hacker


A white hat hacker, or ethical hacker, uses penetration testing techniques to test an organization’s IT security and to identify vulnerabilities. IT security staff then use the results of such penetration tests to remediate vulnerabilities, strengthen security and lower an organization’s risk factors.

Nowadays, the world has experienced fast-paced progress, especially in the IT industry. As a result, the complexity and functionality of technologies rise on a daily basis. However, the more sophisticated the systems and products are, the more people desire to hack into them. In other words, there is a growing number of computer burglars, generally known as hackers, whose main objective is to benefit from destroying or harming various technology products or systems.

 


Penetration testing is never a casual undertaking. It involves lots of planning, which includes getting explicit permission from management to perform tests, and then running tests as safely as possible. These tests often involve the very same techniques that attackers use to breach a network for real.


Background and Education Requirements

White hat hacking involves a great deal of problem solving, as well as communication skills. A white hat hacker also requires a balance of intelligence and common sense, strong technical and organizational skills, impeccable judgement and the ability to remain cool under pressure.

At the same time, a white hat hacker needs to think like a black hat hacker, with all their nefarious goals and devious skills and behavior. Some top-rate white hat hackers are former black hat hackers who got caught, and for various reasons decided to leave a life of crime behind and put their skills to work in a positive (and legal) way.

 


Pertinent Certifications

White hat hacking and security-related IT certifications can help a candidate get a foot in the door, even without copious amounts of hands-on experience.

The intermediate-level CEH credential focuses on system hacking, enumeration, social engineering, SQL injection, Trojans, worms, viruses and other forms of attack, including denial of service (DoS). Candidates must also demonstrate knowledge of cryptography, penetration testing, firewalls, honeypots and more.

The EC-Council recommends a five-day CEH training class for candidates without prior work experience. To do well in the course, students should have Windows and Linux systems administration skills, familiarity with TCP/IP and working knowledge of virtualization platforms.

Becoming a certified white hat hacker also involves staying on the legal side of hacking, never engaging in illicit or unethical hacking activities and protecting the intellectual property of others. As part of the certification process, candidates need to agree to uphold the EC-Council’s code of ethics and never associate with unethical hackers or malicious activities.

 


Summing Up

Candidates who show interest in working in InfoSec, along with the appropriate background and a certification or two to start with, should have few problems finding ethical hacking work right away. Over time, you’ll be able to use continuing education and certification to steer your career exactly where you’d like it to go.

 




WiFi (Wireless) Network


A wireless network is a network that uses radio waves to link computers and other devices together. The implementation is done at Layer 1 (the physical layer) of the OSI model.

Wireless networks are accessible to anyone within the router’s transmission radius. This makes them vulnerable to attacks. Hotspots are available in public places such as airports, restaurants, parks, etc.

 


How to access a wireless network

You will need a wireless-network-enabled device such as a laptop, tablet or smartphone. You will also need to be within the transmission radius of a wireless network access point. Most devices (if the wireless network option is turned on) will provide you with a list of available networks. If the network is not password protected, then you just have to click on connect. If it is password protected, then you will need the password to gain access.

 


Wireless Network Authentication

Since the network is easily accessible to everyone with a wireless network enabled device, most networks are password protected. Let’s look at some of the most commonly used authentication techniques.

 


How to Crack Wireless Networks

WEP cracking

Cracking is the process of exploiting security weaknesses in wireless networks and gaining unauthorized access. WEP cracking refers to exploits on networks that use WEP to implement security controls. There are basically two types of cracking:

Passive cracking – this type of cracking has no effect on the network traffic until the WEP security has been cracked. It is difficult to detect.

Active cracking – this type of attack has an increased load effect on the network traffic. It is easy to detect compared to passive cracking. It is more effective compared to passive cracking.

 


Cracking Wireless network WEP/WPA keys

It is possible to crack the WEP/WPA keys used to gain access to a wireless network. Doing so requires software and hardware resources, and patience. The success of such attacks can also depend on how active and inactive the users of the target network are.

We will provide you with basic information that can help you get started. Backtrack is a Linux-based security operating system. It is developed on top of Ubuntu. Backtrack comes with a number of security tools. Backtrack can be used to gather information, assess vulnerabilities and perform exploits among other things.

 


Summary

  • Wireless network transmission waves can be seen by outsiders, which poses many security risks.
  • WEP is the acronym for Wired Equivalent Privacy. It has security flaws which make it easier to break compared to other security implementations.
  • WPA is the acronym for Wi-Fi Protected Access. It has stronger security compared to WEP.
  • Intrusion Detection Systems can help detect unauthorized access
  • A good security policy can help protect a network.




GhostInTheNet: protects Linux from MITM/DOS/scan


GhostInTheNet is an Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan.

Properties:

  • Network Invisibility
  • Network Anonymity
  • Protects from MITM/DOS
  • Transparent
  • Cross-platform
  • Minimalistic

Dependencies:

  • Linux 2.4.26+ – will work on any Linux-based OS, including Whonix and RaspberryPI
  • BASH – the whole script
  • root privileges – for kernel controlling

Limitations:

  • You can still be found with VLAN logs if using ethernet or by triangulation/broadcast if using WiFi
  • MAC spoofing won’t work if appropriate mitigations have been taken, like DAI or sticky MAC
  • Might be buggy with some CISCO switches
  • Not suitable for production servers


How GhostInTheNet works:

The basic and primary network protocols that provide connectivity in a LAN are ARP for IPv4 and NDP (ICMPv6) for IPv6, located in the link and network layers.

Despite their utility and simplicity, they have numerous vulnerabilities that can lead to a MITM attack and a leak of confidentiality.

Patching of such a widely used standard is a practically impossible task.

A very simple, but at the same time effective solution is to disable ARP and NDP responses on an interface and be very cautious with broadcasting.

Considering the variety of implementations, this means that no one on the network will be able to communicate with such a host unless the host itself is willing to.

The ARP/NDP cache will be erased quickly afterward.
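One way to check the effect described above on a Linux host, as an added example that is not part of the GhostInTheNet script: it reads the kernel's arp_ignore sysctl and the interface NOARP flag, which are assumed here to be the relevant mechanisms (the page does not say which ones the script sets). The function names, the root argument and the sample tree are hypothetical and constructed for illustration; IPv6 NDP is not covered.

```shell
#!/bin/sh
# Added example: report whether a Linux interface will answer ARP requests.
# The root argument is a hypothetical parameter that lets the check run
# against a copy of /proc and /sys; pass "" to inspect the live system.

# Effective per-interface value of an IPv4 conf sysctl. For arp_ignore and
# arp_announce the kernel applies max(conf/all, conf/<iface>).
effective_conf() {
    ec_dir="$1/proc/sys/net/ipv4/conf"
    ec_all=$(cat "$ec_dir/all/$3" 2>/dev/null || echo 0)
    ec_own=$(cat "$ec_dir/$2/$3" 2>/dev/null || echo 0)
    if [ "$ec_all" -gt "$ec_own" ]; then echo "$ec_all"; else echo "$ec_own"; fi
}

# IFF_NOARP (0x80) in /sys/class/net/<iface>/flags switches ARP off entirely.
has_noarp_flag() {
    nf_flags=$(cat "$1/sys/class/net/$2/flags" 2>/dev/null || echo 0x0)
    [ $(( $nf_flags & 0x80 )) -ne 0 ]
}

# Classify the interface: silent, selective, or answering for everything.
arp_posture() {
    if has_noarp_flag "$1" "$2"; then
        echo "silent (NOARP flag)"
        return 0
    fi
    case $(effective_conf "$1" "$2" arp_ignore) in
        8) echo "silent (arp_ignore=8)" ;;          # never reply
        0) echo "answers for any local address" ;;  # kernel default
        *) echo "answers selectively" ;;            # 1-3 restrict replies
    esac
}

# Constructed sample tree for an interface named eth0 (not real host data).
# Arguments: conf/all arp_ignore, conf/eth0 arp_ignore, interface flags.
make_sample_tree() {
    st_root=$(mktemp -d)
    mkdir -p "$st_root/proc/sys/net/ipv4/conf/all" \
             "$st_root/proc/sys/net/ipv4/conf/eth0" \
             "$st_root/sys/class/net/eth0"
    echo "$1" > "$st_root/proc/sys/net/ipv4/conf/all/arp_ignore"
    echo "$2" > "$st_root/proc/sys/net/ipv4/conf/eth0/arp_ignore"
    echo "$3" > "$st_root/sys/class/net/eth0/flags"
    echo "$st_root"
}

# Demo: conf/all leaves ARP on, but the per-interface value silences it.
demo_root=$(make_sample_tree 0 8 0x1003)
arp_posture "$demo_root" eth0
rm -rf "$demo_root"
```

Because the kernel takes the maximum of the "all" and per-interface values, a host can be silent on one interface even when the global setting still shows the default.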

 


Analysis:

No ARP/NDP means no connectivity, which gives absolute stealth and obscurity at the network/link layer.

This protects from all possible DOSes and MITMs (ARP, DNS, DHCP, ICMP, Port Stealing) and is far less resource-consuming than tools like ArpON.

Such mitigation implies the impossibility of being scanned (nmap, arping).

Besides, it doesn’t impact a normal internet or LAN connection from the host’s perspective.

If you’re connecting to a host, it will be authorized to do so, but shortly after stopping the communication, the host will forget about you because ARP/NDP tables won’t stay long without a fresh request.

Given its broad compatibility and cross-platform nature, it is also very useful for offsec/pentest/redteaming.

 


Vulnerability: New Intel CPU Vulnerabilities Found

Category : Blog

Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. It may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat.

Computer users and network personnel can protect computer systems from vulnerabilities by keeping software security patches up to date. These patches can remedy flaws or security holes that were found in the initial release. Computer and network personnel should also stay informed about current vulnerabilities in the software they use and seek out ways to protect against them.

 


Spectre Next Generation: New Intel CPU Vulnerabilities Found

Following January’s reports of Meltdown and Spectre affecting Intel processors, security researchers found eight new vulnerabilities in Intel processors. As Google Project Zero’s 90-day deadline ends on May 7 for companies’ disclosure of technical details and solutions, the flaws — named Spectre Next Generation or Spectre NG — were characterized as similar to the previous Spectre attack scenarios. Four of the flaws were rated as “high” risk and the rest are of “medium” severity.

Each vulnerability will have its own number in the Common Vulnerabilities and Exposures (CVE) directory. Intel patches will come in two waves, with one in May and the next in August. Linux developers are working on measures against Spectre as well, while Microsoft is preparing patches for the said vulnerabilities, which it will distribute as optional updates. Further, Microsoft is also offering $250,000 in a bug bounty program for more unknown Spectre-related flaws. Advanced RISC Machine (ARM) CPUs from Japan’s Softbank’s ARM Holdings are speculated to also be affected by these new vulnerabilities, while Advanced Micro Devices’ (AMD) architecture is still being examined.


New information suggested that Intel requested to postpone the publishing of the vulnerabilities’ technical details, and it seems that Google Project Zero agreed to the delay. Due to the number of affected systems, the company appears to be having problems getting the patches out in time for May 7 and intends to do a coordinated release of the microcode on May 21 or July 10, with the details of at least two variants. Likely affected systems include Core processors, Xeon spinoffs, and Atom-based Pentium, Atom and Celeron CPUs released since 2013, which affects desktops, laptops, smartphones and other embedded devices. The August 14 patch will likely address the most serious vulnerability affecting cloud environments, and Intel is reportedly releasing hardware and software improvements for other manufacturers and vendors to implement.

 


DRAKVUF: Black-box Binary Analysis

Category : Blog

DRAKVUF consists of several plugins, each collecting different aspects of the guests’ execution, like logging system calls or tracking kernel heap allocations.

It is a virtualization based agentless black-box binary analysis system. DRAKVUF allows for in-depth execution tracing of arbitrary binaries (including operating systems), all without having to install any special software within the virtual machine used for analysis.

 

Hardware requirements for DRAKVUF

DRAKVUF uses hardware virtualization extensions found in Intel CPUs. You will need an Intel CPU with virtualization support (VT-x) and with Extended Page Tables (EPT). DRAKVUF is not going to work on any other CPUs (such as AMD) or on Intel CPUs without the required virtualization extensions.

 


Currently available plugins for DRAKVUF:

  • syscalls
  • poolmon
  • objmon
  • exmon
  • filetracer
  • filedelete
  • ssdtmon
  • socketmon

syscalls

The syscalls plugin is responsible for tracking the execution of the function entry points responsible for handling system calls on Windows and Linux. The plugin accomplishes this by looping through the Rekall profile and using a BREAKPOINT trap on each function whose name starts with Nt on Windows and sys_ on Linux.


Poolmon

The poolmon plugin tracks calls to the ExAllocatePoolWithTag function, which is responsible for allocating objects on the kernel heap in Windows.

The prototype of this function is defined as follows (from MSDN https://msdn.microsoft.com/en-us/library/windows/hardware/ff544520%28v=vs.85%29.aspx):


Objmon

The objmon plugin monitors the execution of ObCreateObject. This function is also called when creating common objects in Windows. The ObjectType input defines an index into the Windows 7 type array, currently defining 42 objects.

 


Exmon

The exmon plugin monitors the execution of KiDispatchException, which is the Windows exception handler function invoked when an exception occurs in either user- or kernel-space. The plugin extracts the information from the TrapFrame input containing the CPU state when the exception occurred.

The ReactOS definition of this function is as follows (from http://doxygen.reactos.org/d7/d7f/ntoskrnl_2ke_2amd64_2except_8c_a660d1a46ff201c5861caf9667937f73f.html):


filetracer

The filetracer plugin monitors the use of _FILE_OBJECT structures by system-calls as well as internal kernel functions used by kernel drivers. With this approach we get a complete view of files being accessed on the system.

 


Filedelete

The filedelete plugin monitors the execution of NtSetInformationFile and ZwSetInformationFile, which are functions responsible for deleting files (there are some others too, such as NtDeleteFile). When the function is called and the fifth input of the function is FILE_DISPOSITION_INFORMATION (13), the file path is determined by walking the handle table of the process via the DRAKVUF function drakvuf_get_obj_by_handle. Once the address is known, it can be extracted using the Volatility plugin dumpfiles.

 


SSDTmon

The SSDTmon plugin monitors write-memory accesses to the System Service Descriptor Table, which is used to store pointers to the system call handling functions. If malware hooks this table and redirects system calls, the syscalls plugin is affected, as the original function(s) may no longer get called where it originally trapped. If this plugin detects a change, one must assume that the syscalls plugin output is no longer complete.

 


Socketmon

The socketmon plugin monitors the usage of TCP and UDP sockets for Windows guests. It requires the creation of a Rekall profile for the tcpip.sys kernel module, which is normally located at C:\Windows\System32\drivers\tcpip.sys. You will need to copy this file to the location where you will be generating the Rekall profile. To generate a Rekall profile for it you can use the pdbparse project to obtain the PDB:

 


Supported guests:

  • Windows 7 – 8, both 32 and 64-bit
  • Windows 10 64-bit
  • Linux 2.6.x – 4.x, both 32-bit and 64-bit

 


Malware analysis:

DRAKVUF provides a perfect platform for stealthy malware analysis as its footprint is nearly undetectable from the malware’s perspective. While DRAKVUF has been mainly developed with malware analysis in mind, it is certainly not limited to that task as it can be used to monitor the execution of arbitrary binaries.


Wireless Penetration Testing Tool

Category : Blog

Wireless penetration testing is an important aspect of any security audit project, because organizations are facing serious threats from their insecure WiFi networks. A compromised WiFi network puts the entire network at risk. Consider the recent Darkhotel attack, where the top business executives were the target and the attackers were targeting them by hacking into the insecure hotel WiFi network.

Penetration testing tools are used as part of a penetration test (pen test) to automate certain tasks, improve testing efficiency and discover issues that might be difficult to find using manual analysis techniques alone. Two common penetration testing tools are static analysis tools and dynamic analysis tools.

There is little difference between a network vulnerability assessment tool and a WiFi vulnerability scanner, so here is a quick list of the tools that could be very useful while performing WiFi penetration testing.


Aircrack-ng

Aircrack-ng is a wireless penetration testing tool. It is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. In fact, Aircrack-ng is a set of tools for auditing wireless networks.

 


Kismet

Kismet is a wireless penetration testing tool. It is an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT.

 


Netstumbler

Netstumbler is a wireless penetration testing tool which is the best known Windows tool for finding open wireless access points (“wardriving”). They also distribute a WinCE version for PDAs and such named MiniStumbler. The tool is currently free but Windows-only and no source code is provided. It uses a more active approach to finding WAPs than passive sniffers such as Kismet or KisMAC.

 


InSSIDer

InSSIDer is a wireless penetration testing tool. It is a wireless network scanner for Windows, OS X, and Android. It was designed to overcome limitations of NetStumbler, namely not working well on 64-bit Windows and Windows Vista. inSSIDer can find open wireless access points, track signal strength over time, and save logs with GPS records.


KisMAC

KisMAC is a wireless penetration testing tool. This popular wireless stumbler for Mac OS X offers many of the features of its namesake Kismet, though the codebase is entirely different. Unlike console-based Kismet, KisMAC offers a pretty GUI and was around before Kismet was ported to OS X. It also offers mapping, Pcap-format import and logging, and even some decryption and deauthentication attacks.

 


Bonus Tools

Kali Linux, the successor of BackTrack Linux, has most of the tools configured already, but if you need to configure additional tools, that can be done easily. Beyond the tools mentioned above, we have some important and relevant tools:

Reaver-WPS

Reaver performs a brute force attack against an access point’s WiFi Protected Setup pin number. Once the WPS pin is found, the WPA PSK can be recovered and alternately the AP’s wireless settings can be reconfigured.

 


Fern WiFi Cracker

Fern WiFi Cracker is a wireless security auditing application that is written in Python and uses python-qt4. This application uses the aircrack-ng suite of tools.

 
